CVE-2025-13789 | ZenTao up to 21.7.6-8564 module/ai/model.php makeRequest Base server-side request forgery
A vulnerability was found in ZenTao up to 21.7.6-8564 and classified as critical. This affects the function makeRequest of the
Read More
Month: November 2025
CVE-2025-13790 | Scada-LTS up to 2.7.8.1 cross-site request forgery
A vulnerability was found in Scada-LTS up to 2.7.8.1. It has been classified as problematic. This impacts an unknown function.
Read More
CVE-2025-13791 | Scada-LTS up to 2.7.8.1 Project Import ZIPProjectManager.java Common.getHomeDir path traversal
A vulnerability was found in Scada-LTS up to 2.7.8.1. It has been declared as critical. Affected is the function Common.getHomeDir
Read More
CVE-2025-13792 | Qualitor 8.20/8.24 getResumo.php eval passageiros code injection
A vulnerability was found in Qualitor 8.20/8.24. It has been rated as critical. Affected by this vulnerability is the function
Read More
CVE-2025-13793 | winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e GET Parameter header_menu.php Error cross site scripting
A vulnerability categorized as problematic has been discovered in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some
Read More
OAuth támadások észlelésére
A Wiz.io jelentése szerint a tradicionális jelszavak és jelszavas hitelesítés ma már kevés, a támadók az OAuth-alapú hitelesítési folyamatokat kezdik
Read More
Wifi kihasználás miatt börtön
Az ausztrál Australian Federal Police (AFP) jelentette, hogy egy nyugat-ausztráliai férfi — használva egy hordozható, úgynevezett WiFi Pineapple eszközt —
Read More
Opsec tiniknek
A digitális világban ugyan sokan streamelnek, chaten beszélgetnek, közösségi oldalakon osztanak meg tartalmakat — de az aktív internethasználat nem garantál
Read More
Debian 11: Important Race Condition in qtbase-opensource-src DLA-4387-1
A race condition was discovered in Qt, a cross-platform C++ application framework. Code to make security-relevant decisions about an established
Read More
CVE-2025-13782 | taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665 SlideController SlideController.class.php delete ids sql injection
A vulnerability marked as critical has been reported in taosir WTCMS up to 01a5f68a3dfc2fdddb44eed967bb2d4f60487665. Affected by this issue is the
Read More